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REMARKS 

In a final Office Action dated June 3, 2005, the Examiner rejects claims 1-26. 
However, Applicants respectfully point out that claims 1-11, 13-17, 19-23, 25-26 (all 
pending claims) are the only claims pending in this application. Claims 12,18, and 24 
were cancelled in a response to an Office Action submitted on 24 February 2004. In 
response to the Office Action, Applicants respectfully cancel claims 1-11, 13-17, 19-23, 
and 25-26. Applicants also add claims 27-47 and traverse the rejection. Claims 27-47 
remain in the Application. In light of the following arguments, Applicants respectfully 
request that this Application be allowed. 

In the Office Action, the Examiner rejects claim 1 under 35 U.S.C. §103 (a) as 
being unpatentable over U.S. Patent Number 6,574,666 Bl issued to Dutta (Dutta) in 
view of U.S. Patent number 6,658,571 Bl issued to O'Brien et al (O'Brien). In order to 
maintain a rejection the Examiner has the burden of providing evidence of prima facie 
obviousness. See MPEP §2143. See also In Re Vaeck. 947 F.2d 488, 20 USPQ2d 1438 
(Fed. Cir. 1991). In order to prove prima facie obviousness, the Examiner must provide 
evidence in the prior art of a motivation to combine or modify a reference, a reasonable 
expectation of success, and a teaching of each and every claimed element. Id. 
Applicants assert the Examiner has failed to provide evidence of a teaching of each and 
every claimed element or evidence of a proper motivation to combine the references. 

Applicants submit new claim 27 in which a module is defined as software code 
configured to carry out an operation of providing protocol information for a particular 
protocol to said firewall core. The inspection module recited is not shown in the 
references cited by the Examiner. Claim 27 recites "at least one inspection module 
coupled for communication to said firewall core, each said at least one inspection module 
configured to provide protocol inspection of data packets to said firewall core, said 
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firewall core configured to receive data packets from said plurality of communication 
interfaces and communicate said packets to said at least one inspection module for 
inspection, said at least one inspection module is further configured to be installed 
during the operation of the firewall system." The Examiner has failed to provide a 
teaching of a module as recited in the claims. 

The Examiner also states that the pertinent rule that is fetched is a module. 
Applicants cannot see how the Examiner can make this statement. One skilled in the art 
will know the difference between a rule stored in a library and a module which is set of 
software instructions for performing a function. Applicants are pointing out these are 
two different entities. Thus, Dutta does not teach the module recited in claim 1. 

Applicants maintain that Dutta does not teach the firewall system recited in claim 
27. Specifically, Dutta does not teach "at least one inspection module coupled for 
communication to said firewall core, each said at least one inspection module configured 
to provide protocol inspection of data packets to said firewall core, said firewall core 
configured to receive data packets from said plurality of communication interfaces and 
communicate said packets to said at least one inspection module for inspection, said at 
least one inspection module is further configured to be installed during the operation of 
the firewall system." The Examiner has found the arguments to this point to be 
persuasive. However, the Examiner has ignored this point in the new rejection as the 
same references to Dutta teaching this limitation are again recited in the new rejection. 
Therefore, Applicants will again set forth the argument previously presented to show 
that Dutta does not teach this limitation. 

Applicants want to point out that the gist of Applicant's argument is that Dutta 
does not teach that the firewall contains two different modules that it performs different 
functions, namely, the firewall core and the at least one inspection module. The firewall 
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core provides packets to at least one inspection module. The Dutta teaching does not 
teach this feature. Dutta teaches the firewall either applies a rule or retrieves a rule and 
applies the rule to a packet. There is no teaching whatsoever of providing the packet to 
an inspection module that then inspects. Therefore, Dutta does not teach all of the 
claimed elements as arranged in the claim. The following remarks highlight that all of the 
limitations are not taught and therefore are asserted again for the Examiner's 
consideration. 

Claim 27 recites at least one inspection module. Dutta does not teach this 
limitation. Instead, Dutta teaches a firewall system in which rules in a database may be 
retrieved by a firewall system to test the packets. In claim 1, the firewall core provides 
the packets to an inspection module that inspects the packet. Each module is software 
that is being executed to perform inspection of a packet. Applicant cannot find any 
mention in Dutta of the use of different modules to inspect packets in a firewall system. 

The Examiner states that an inspection module is taught by Col. 5, lines 1-12 
which states: 

... (the executing fetching instructions), which in 
one embodiment is also implemented in the kernel, and in 
another embodiment is implemented at the application 
layer. The fetching process retrieves a pertinent rule and 
sends it to the firewall process, which loads it at the firewall. 
This embodiment advantageously separates the functions 
of the traditional firewall from retrieving a rule by the 
firewall for a packet. This keeps the firewall instructions 
relatively simple, and a maintains a certain level of security 
by separating the firewall process from interactions with 
e.g. an external database from which rules are to be 
retrieved to be loaded at the firewall. 
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Applicants do not see anything in this recited section that teaches an inspection 
module that provides inspection of packets for a firewall core. Instead, cited section 
teaches a firewall process for testing packets that has a separate fetching function that 
retrieves rules for testing to be used by a firewall process. There is no mention of a 
separate inspection module for inspecting packets as recited in claim 27. Furthermore, 
there is no mention of new inspection modules that may be loaded during execution of 
the firewall process. Thus, the at least one inspection module recited in claim 27 is not 
taught by Dutta. 

O'Brien also does not teach at least one inspection module coupled for 
communication to said firewall core, each said at least one inspection module configured 
to provide protocol inspection of data packets to said firewall core, said firewall core 
configured to receive data packets from said plurality of communication interfaces and 
communicate said packets to said at least one inspection module for inspection, said at 
least one inspection module is further configured to be installed during the operation of 
the firewall system as recited in claim 27. Instead O'Brien teaches modules that grant or 
deny access of resources to software applications based upon the application requesting 
a resource or the resource being requested. See Col. 3, lines 41-43. The modules 
monitor system calls made by applications and permit access to resources based upon 
system calls. See Col. 5, line 45-Col. 6, line 17. There is no mention anywhere in the 
O'Brien document of modules that monitor packets being sent between systems as in a 
firewall device. Thus, O'Brien does not teach the inspection module recited in amended 
claim 1. 

Since neither Dutta nor O'Brien teaches the inspection module recited in a claim 
27. Applicants request that this rejection be removed and claim 1 be allowed. 
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Even if the combination of Dutta and O'Brien teaches the inspection module 
claimed in claim 1, the Examiner has not provided evidence of a motivation to combine 
the references. As stated in the MPEP and case law, "The mere fact that references can 
be combined or modified does not render the resulting combination obvious unless the 
prior art suggests desirability of the combination." See In re Mill, 916 F2d 680 (Fed. Cir. 
1990). See also MPEP §2143.01. In the Office Action, the Examiner merely asserts that 
one skilled in the art would use security modules to reduce damage caused by malicious 
software without additional software. First, there is no support for this statement in 
either reference. Second, O'Brien standing alone solves the problem stated. See 
Abstract. Thus, applicant requests that the Examiner provide prior art showing this 
motivation. 

Furthermore, case law and the MPEP require the proposed modification cannot 
render the prior art unsatisfactory for its intended purpose. See MPEP §2143.01. See 
also In re Gordon . 733 F2d 900 (Fed. Cir 1984). If the purposed modification were made 
the firewall of Dutta would include security modules that monitor systems calls to restrict 
access to resource by software. This does not improve the unauthorized access to the 
system prevented by the firewall in Dutta. Furthermore, there is no improvement of 
restricting access to resources by monitoring the packets received by the system. Dutta 
and O'Brien are providing two different forms of security. Both systems are adequate 
for their intended purpose and combining the two would add a second function to each 
system. Thus, the combination is not permitted. 

Claims 28-31 are dependent upon claim 27. Thus, claims 28-31 are allowable for 
at least the same reasons as claim 27. Therefore, Applicants respectfully request claims 
28-31 be allowed. 
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Claim 32 recites a firewall core that executes inspection modules as recited in 
claim 27. Thus, claim 32 is allowable for the same reasons as claim 27. Therefore, 
applicants respectfully request that claim 32 be allowed. 

Claims 33-35 are dependent upon claim 32. Thus, claims 33-35 are allowable for 
at least the same reasons as claim 32. Therefore, Applicants respectfully request claims 
33-35 be allowed. 

Claim 36 recites an inspection module which the same as the inspection module 
recited in claim 27. Thus, claim 36 is allowable for the same reasons as claim 27. 
Therefore, applicants respectfully request that claim 36 be allowed. 

Claims 37-38 are dependent upon claim 36. Thus, claims 37-38 are allowable for 
at least the same reasons as claim 36. Therefore, Applicants respectfully request claims 
37-38 be allowed. 

Claim 39 recites method for operating a system as recited in claim 27. Thus, claim 
39 is allowable for the same reasons as claim 27. Therefore, applicants respectfully 
request that claim 39 be allowed. 

Claims 40-42 are dependent upon claim 39. Thus, claims 40-42 are allowable for 
at least the same reasons as claim 39. Therefore, Applicants respectfully request claims 
40-42 be allowed. 

Claim 43 recites a processing device that provides the method for providing the 
system recited in claim 27. Thus, claim 43 is allowable for the same reasons as claim 27. 
Therefore, applicants respectfully request that claim 43 be allowed. 

Claims 44-46 are dependent upon claim 43. Thus, claims 44-46 are allowable for 
at least the same reasons as claim 43. Therefore, Applicants respectfully request claims 
44-46 be allowed 
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If the Examiner has any questions regarding this application or this response, the 
Examiner is invited to telephone the undersigned at the below number. 



Dated: September 6, 2005 

Sierra Patent Group, Ltd. 
P.O. Box 6149 
Stateline, NV 89449 
(775) 586-9500 
(775) 586-9550 Fax 



Respectfully submitted, 
SIERRA PATENT GROUP, LTD. 




Reg. No.: 43,265 
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